Hi Andrea, next question: does it make sense to offer this feature for administrative tasks (GUI or REST)? I think not, but I am quite unsure.
Quoting Andrea Aime <[email protected]>:

> On Sat, Feb 11, 2012 at 7:05 AM, <[email protected]> wrote:
>
>> Hmm, I think a rest-config like extension would not help either because
>> the caller needs administrative privileges.
>
> As far as I know it's possible to expose rest services without requiring
> administrative privileges, but they have to be outside of the /rest path
>
>> The only solution I see at the moment is to send back the role list for
>> the authenticated user using an HTTP response header attribute.
>>
>> This could be implemented in the new security patch using an optional
>> servlet filter, default is NOT sending the role list.
>>
>> Does this make sense? Need some votes here.
>
> Makes sense, especially since the user already authenticated, and makes
> also sense to keep that off by default, as the user roles are something
> the security administrator might not want to expose to end users.
>
> Just one word of caution, the HTTP header is normally size-capped by the
> http servers, for example Tomcat limits it to 4KB by default. I don't
> believe this will pose practical limits, a user is normally associated
> with a small number of roles, but something to keep in mind
>
> Cheers
> Andrea
>
> --
> Ing. Andrea Aime
> GeoSolutions S.A.S.
> Tech lead
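One way the opt-in filter proposed in this thread could look, as an added example that is not GeoServer's code and not part of the original messages. It assumes the `javax.servlet` API and Spring Security, and that the filter is mapped after the authentication filter; the header name `X-Example-Roles`, the init parameters `sendRoles` and `maxHeaderBytes`, and the 1024-byte budget are hypothetical.

```java
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.stream.Collectors;
import javax.servlet.*;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;

/** Added example: opt-in filter returning the caller's own roles in a response header. */
public class RoleHeaderFilter implements Filter {
    // Hypothetical names and values (assumptions, not taken from the thread).
    static final String HEADER = "X-Example-Roles";
    private boolean enabled = false; // off unless the security administrator opts in
    private int maxBytes = 1024;     // keep well below the server's header size cap

    @Override
    public void init(FilterConfig cfg) {
        // A missing "sendRoles" parameter parses to false, so the default is NOT sending.
        enabled = Boolean.parseBoolean(cfg.getInitParameter("sendRoles"));
        String max = cfg.getInitParameter("maxHeaderBytes");
        if (max != null) maxBytes = Integer.parseInt(max);
    }

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        if (enabled && res instanceof HttpServletResponse) {
            String roles = currentRoles();
            // Omit the header entirely rather than emit an oversized or truncated one.
            if (roles != null && roles.getBytes(StandardCharsets.UTF_8).length <= maxBytes) {
                ((HttpServletResponse) res).setHeader(HEADER, roles); // set before commit
            }
        }
        chain.doFilter(req, res);
    }

    /** Roles of the authenticated caller, or null for anonymous requests. */
    static String currentRoles() {
        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
        if (auth == null || !auth.isAuthenticated()
                || auth instanceof AnonymousAuthenticationToken) return null;
        return auth.getAuthorities().stream()
                .map(GrantedAuthority::getAuthority)
                .filter(r -> r != null && r.matches("[A-Za-z0-9_.-]+")) // header-safe only
                .sorted().collect(Collectors.joining(","));
    }

    @Override
    public void destroy() { }
}
```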
